Attack surface

1. An information system's characteristics that permit an adversary to probe, attack, or maintain presence in the information system.

2. The set of ways in which an adversary can enter a system and potentially cause damage.

Source: Explore Terms: A Glossary of Common Cybersecurity Terminology, National Initiative for Cybersecurity Careers and Studies (NICCS),; The Cyber Glossary, National Security Archive, George Washington University,

3. Attack vector: Mechanism or method used by an attacker to gain access to a target’s computer system and/or deliver an effect.

Source: U.S. Cyberspace Solarium Commission, March 2020,